Configuration Guide 802.1x Configuration
You can use the no dot1x max-req command to restore the maximum number of packet re-transmissions to its default.
The following example sets the maximum number of packet retransmissions to 5:
Ruijie# configure terminal
Ruijie(config)# dot1x max-req 5
Ruijie(config)# end
Setting the Maximum Number of Re-authentications
When the user authentication fails, the device attempts to perform authentication for the user once again. When the
number of attempts exceeds the maximum number of authentications, the switch believes that this user is already
disconnected, and ends the authentication process accordingly. By default, the number is 3. However, you can modify this
value.
In the privileged EXEC mode, you can set the maximum number of re-authentications by performing the following steps:
Ruijie(config)#dot1x reauth-max count
Setting the Maximum Number of Re-authentications
Show the dot1x configurations.
You can use the no dot1x reauth-max command to restore the maximum number of re-authentications to its default. The
following example sets the maximum number of re-authentications to 3:
Ruijie# configure terminal
Ruijie(config)# dot1x reauth-max 3
Ruijie(config)# end
Setting the Server-timeout
This value indicates the maximum response time of the Radius Server. If the switch does not receive the response from
the Radius Server within this period, it deems the authentication as a failure.
In the privileged EXEC mode, you can set the Server-timeout and restore its default by performing the following steps:
Ruijie(config)#dot1x timeout server-timeout
seconds
Set the maximum response time of the Radius Server. You
can use the no option of the command to restore its default.
Show the dot1x configurations.
Configuring the device to initiate the 802.1x authentication proactively
The 802.1x is secure access authentication based on port. Users must first undergo authentication before they can
access the network. In most cases, authentication is initiated by the user end through EAPOL-START packets. For the
information about packet interaction during the authentication process, please see “Authentication Initiation and Packet
Interaction During Authentication”.
However, authentication needs to be initiated by the switch in some cases. For example, when the switch is reset and the
status of the authentication port changes from linkdown to linkup, the switch needs to automatically initiate authentication
to ensure that the authenticated users can continue to use the network. In addition, if you use a 802.1x client that does not
actively initiate authentication requests (for example, the Windows XP 802.1x client), the switch should be able to actively
To Next Page
Loading...
